Set Tacacs Session - Enterasys SECURESTACK C3 Configuration Manual

set tacacs session

set tacacs session
Use this command to enable or disable TACACS+ session accounting, or to configure TACACS+
session authorization parameters. For simplicity, separate syntax formats are shown for
configuring session accounting and session authorization.
Syntax
set tacacs session accounting {enable | disable}
set tacacs session authorization {service name | read-only attribute value |
read-write attribute value | super-user attribute value}
Parameters
accounting
enable | disable
authorization
service name
read‐only attribute
value
read‐write attribute
value
super‐user attribute
value
Defaults
None.
Mode
Switch command, Read‐Write.
Usage
When session accounting is enabled, the TACACS+ server will log accounting information, such as
start and stop times, IP address of the client, and so forth, for each authorized client session.
When the TACACS+ client is enabled on the switch (with the set tacacs enable command), the
session authorization parameters configured with this command are sent by the client to the
TACACS+ server when a session is initiated on the switch. The parameter values must match a
service and access level attribute‐value pairs configured on the server for the session to be
authorized. If the parameter values do not match, the session will not be allowed.
Specifies that TACACS+ session accounting is being configured.
Enables or disables TACACS+ session accounting.
Specifies that TACACS+ session authorization is being configured.
Specifies the name of the service that the TACACS+ client will request
from the TACACS+ server. The name specified here must match the
name of a service configured on the server. The default service name is
exec.
Specifies that the read‐only access privilege level should be matched to
a privilege level configured on the TACACS+ server by means of an
attribute‐value pair specified by attribute and value.
By default, attribute is "priv‐lvl" and value is 0.
Specifies that the read‐write access privilege level should be matched to
a privilege level configured on the TACACS+ server by means of an
attribute‐value pair specified by attribute and value.
By default, attribute is "priv‐lvl" and value is 1.
Specifies that the super‐user access privilege level should be matched to
a privilege level configured on the TACACS+ server by means of an
attribute‐value pair specified by attribute and value.
By default, attribute is "priv‐lvl" and value is 15.
TACACS+ Configuration
SecureStack C3 Configuration Guide 27-7